feat(loyalty): attribute transactions to the acting POS tablet

Adds acting_terminal_device_id to loyalty_transactions so the audit
log can distinguish between operations performed via the web terminal
(human user JWT) and operations performed via a paired tablet (device
JWT). The principal-of-record stays the pairing user — existing
reports keep working — and this column adds "which tablet did it"
alongside.

Threaded through every store-API endpoint that creates a transaction
(stamp add/redeem/void, points earn/redeem/void/adjust, enrollment +
welcome bonus, card deactivate/reactivate). The route reads
current_user.terminal_device_id, which the bearer-auth dep populates
when a device JWT is presented. User-token requests leave the column
NULL, as covered by the new test.

Bulk admin operations (GDPR anonymization, bulk deactivate) and Celery
tasks (point expiration) are not threaded — they always come from a
human admin or the scheduler, never a tablet.

- Migration loyalty_011 + LoyaltyTransaction.acting_terminal_device_id
- 9 service signatures gain the optional kwarg
- 8 store-API routes pass it through
- Integration tests: device JWT populates the column, user JWT leaves
  it NULL

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

app/modules/loyalty/services/points_service.py

@@ -53,6 +53,7 @@ class PointsService:
         ip_address: str | None = None,
         user_agent: str | None = None,
         notes: str | None = None,
+        acting_terminal_device_id: int | None = None,
     ) -> dict:
         """
         Earn points from a purchase.
@@ -196,6 +197,7 @@ class PointsService:
             card_id=card.id,
             store_id=store_id,
             staff_pin_id=verified_pin.id if verified_pin else None,
+            acting_terminal_device_id=acting_terminal_device_id,
             category_ids=category_ids,
             transaction_type=TransactionType.POINTS_EARNED.value,
             points_delta=points_earned,
@@ -249,6 +251,7 @@ class PointsService:
         ip_address: str | None = None,
         user_agent: str | None = None,
         notes: str | None = None,
+        acting_terminal_device_id: int | None = None,
     ) -> dict:
         """
         Redeem points for a reward.
@@ -331,6 +334,7 @@ class PointsService:
             card_id=card.id,
             store_id=store_id,
             staff_pin_id=verified_pin.id if verified_pin else None,
+            acting_terminal_device_id=acting_terminal_device_id,
             transaction_type=TransactionType.POINTS_REDEEMED.value,
             points_delta=-points_required,
             stamps_balance_after=card.stamp_count,
@@ -385,6 +389,7 @@ class PointsService:
         ip_address: str | None = None,
         user_agent: str | None = None,
         notes: str | None = None,
+        acting_terminal_device_id: int | None = None,
     ) -> dict:
         """
         Void points for a return.
@@ -482,6 +487,7 @@ class PointsService:
             card_id=card.id,
             store_id=store_id,
             staff_pin_id=verified_pin.id if verified_pin else None,
+            acting_terminal_device_id=acting_terminal_device_id,
             transaction_type=TransactionType.POINTS_VOIDED.value,
             points_delta=-actual_voided,
             stamps_balance_after=card.stamp_count,
@@ -529,6 +535,7 @@ class PointsService:
         staff_pin: str | None = None,
         ip_address: str | None = None,
         user_agent: str | None = None,
+        acting_terminal_device_id: int | None = None,
     ) -> dict:
         """
         Manually adjust points (admin/store operation).
@@ -578,6 +585,7 @@ class PointsService:
             card_id=card.id,
             store_id=store_id,
             staff_pin_id=verified_pin.id if verified_pin else None,
+            acting_terminal_device_id=acting_terminal_device_id,
             transaction_type=TransactionType.POINTS_ADJUSTMENT.value,
             points_delta=points_delta,
             stamps_balance_after=card.stamp_count,